Lyft Bless implementation

[Vegard]

Hi! 

I'm hoping this is the appropriate place for this post. 

Based on the information posted here https://www.scaleft.com/blog/netflix-oss-security-meetup/ you guys presented your implementation of BLESS generating certificates on developer laptops rather than on the bastion as Netflix does. This is the exact way my company would like to do things, and it looks like a fantastic solution. 

While there is enough information in the slidedeck to try and recreate the functionality, and you've also open-sourced python-kmsauth, would you be open to open-sourcing the other components of the presented solution? For instance the blessclient with 2FA support. It seems your tweaks to BLESS itself is available on your fork of that project, but some documentation or a guide on how to implement this would be an amazing resource. 

Thanks,

Vegard